[security] Electron packager security issue, requires updating dependency

[taoeffect]

Node type: geth/eth
OS: osx
Network type: main/test
Mist version: 0.7.2 from master 94d1be9

$ npm install
npm WARN deprecated electron-packager@5.2.1: Critical security bug fixed in v7.0.0 - read more at https://github.com/electron-userland/electron-packager/issues/333
npm WARN deprecated graceful-fs@3.0.8: graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. Use 'npm ls graceful-fs' to find it in the tree.
npm WARN deprecated lodash@1.0.2: lodash@<3.0.0 is no longer maintained. Upgrade to lodash@^4.0.0.
npm WARN deprecated graceful-fs@1.2.3: graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. Use 'npm ls graceful-fs' to find it in the tree.

See link mentioned: electron/packager#333

[luclu]

electron-packager 7.0.2 brings the following changes among others:

• defaults to ssl when downloading modules to prevent MITM-attacks
• added platform mas (Mac App Store)
• splitted OS X-signing routines into the submodule electron-osx-sign

---

issues with 7.0.2:

• issues closed with bug-fix PR Fix Mist/Wallet app bundling #721

[luclu]

7.0.2 will be included as of PR #721.

[lock]

This thread has been automatically locked because it has not had recent activity. Please open a new issue for related bugs and link to relevant comments in this thread.